cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rohit Yadav" <bhais...@apache.org>
Subject Re: Review Request 24184: CLOUDSTACK-1389 Fixing sudo access to keytool
Date Fri, 01 Aug 2014 15:07:03 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/24184/#review49343
-----------------------------------------------------------


Thanks Eric for picking this up, looks good but need to test.

- Rohit Yadav


On Aug. 1, 2014, 2:56 p.m., Erik Weber wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/24184/
> -----------------------------------------------------------
> 
> (Updated Aug. 1, 2014, 2:56 p.m.)
> 
> 
> Review request for cloudstack and edison su.
> 
> 
> Bugs: CLOUDSTACK-1389
>     https://issues.apache.org/jira/browse/CLOUDSTACK-1389
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> -------
> 
> Since commit 45e4d4fc3bb52f73eb6e687a144cd48587fad2d4 the cloud user has been missing
sudo access to keytool, thereby giving errors like:
> ,127 INFO  [c.c.s.ConfigurationServerImpl] (main:null) SSL keystore located at /etc/cloudstack/management/cloud.keystore
> 2014-08-01 17:25:07,133 DEBUG [c.c.u.s.Script] (main:null) Executing: sudo keytool -genkey
-keystore /etc/cloudstack/management/cloud.keystore -storepass vmops.com -keypass vmops.com
-keyalg RSA -validity 3650 -dname cn="Cloudstack User",ou="acs44-mgmt1.localdomain",o="acs44-mgmt1.localdomain",c="Unknown"

> 2014-08-01 17:25:07,147 DEBUG [c.c.u.s.Script] (main:null) Exit value is 1
> 2014-08-01 17:25:07,148 DEBUG [c.c.u.s.Script] (main:null) sudo: no tty present and no
askpass program specified
> 2014-08-01 17:25:07,150 WARN  [c.c.s.ConfigurationServerImpl] (main:null) Would use fail-safe
keystore to continue.
> 
> 
> Diffs
> -----
> 
>   python/lib/cloudutils/serviceConfig.py e0ea7a2 
> 
> Diff: https://reviews.apache.org/r/24184/diff/
> 
> 
> Testing
> -------
> 
> Verified that the keystore now gets properly created
> 
> 2014-08-01 18:50:58,336 INFO  [c.c.s.ConfigurationServerImpl] (main:null) Processing
updateSSLKeyStore
> 2014-08-01 18:50:58,337 INFO  [c.c.s.ConfigurationServerImpl] (main:null) SSL keystore
located at /etc/cloudstack/management/cloud.keystore
> 2014-08-01 18:50:58,338 DEBUG [c.c.u.s.Script] (main:null) Executing: sudo keytool -genkey
-keystore /etc/cloudstack/management/cloud.keystore -storepass vmops.com -keypass vmops.com
-keyalg RSA -validity 3650 -dname cn="Cloudstack User",ou="acs44-mgmt1.localdomain",o="acs44-mgmt1.localdomain",c="Unknown"

> 2014-08-01 18:50:59,413 DEBUG [c.c.u.s.Script] (main:null) Execution is successful.
> 2014-08-01 18:50:59,413 INFO  [c.c.s.ConfigurationServerImpl] (main:null) Generated SSL
keystore.
> 2014-08-01 18:50:59,430 INFO  [c.c.s.ConfigurationServerImpl] (main:null) Stored SSL
keystore to database.
> 
> 
> Thanks,
> 
> Erik Weber
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message